Vulnerability Details CVE-2023-25781
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sebastian Krysmanski Upload File Type Settings plugin <= 1.1 versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.0%
CVSS Severity
CVSS v3 Score 5.9
References
- https://patchstack.com/database/vulnerability/upload-file-type-settings-plugin/wordpress-upload-file-type-settings-plugin-plugin-1-1-cross-site-scripting-xss?_s_id=cve
- https://patchstack.com/database/vulnerability/upload-file-type-settings-plugin/wordpress-upload-file-type-settings-plugin-plugin-1-1-cross-site-scripting-xss?_s_id=cve
Products affected by CVE-2023-25781
-
cpe:2.3:a:upload_file_type_settings_plugin_project:upload_file_type_settings_plugin:1.1